package cn.sinonet.filter;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import jt.classic.system.ISystem;
import jt.classic.system.user.UserManager;

import org.limp.basework.console.XSystemConfig;
import org.limp.mine.ServiceTool;
import org.limp.mine.StringTool;

public class SSOFilter implements Filter {

	protected FilterConfig filterConfig;
	private String context;
	private String encoding;
	private String serviceUrl;

	public SSOFilter() {
		filterConfig = null;
		context = (String) XSystemConfig.config()
				.getProperty("XSYSTEM_CONTEXT");
		encoding = (String) XSystemConfig.config().getProperty(
				"XSYSTEM_CHARSETNAME");
		serviceUrl = (String) XSystemConfig.config().getProperty(
				"XSYSTEM_WORKSTATION_SESSIONSERVICE");
	}

	private void setFilterConfig(FilterConfig config) {
		filterConfig = config;
	}

	private FilterConfig getFilterConfig() {
		return filterConfig;
	}

	public void destroy() {
	}

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		if (cn.sinonet.filter.Special4Filter
				.isContains(((HttpServletRequest) request).getRequestURI())) {
			chain.doFilter(request, response);
			return;
		}
		String ssourl = (new StringBuilder(String.valueOf(request.getScheme())))
				.append("://").append(request.getServerName()).append(":")
				.append(request.getServerPort()).toString();
		String ssouserid = StringTool.checkString(request
				.getParameter("SSOUSERID"));
		String ssouserpwd = StringTool.checkString(request
				.getParameter("SSOUSERPWD"));
		String ssosessionid = StringTool.checkString(request
				.getParameter("SSOSESSIONID"));
		String originaluserid = StringTool.checkString(request
				.getParameter("SSOORIGINALUSERID"));
		if (!ssosessionid.equals("")) {
			String ssosessionkey = (new StringBuilder(String.valueOf(ssourl)))
					.append(";").append(ssosessionid).append(";")
					.append(originaluserid).toString();
			if (ISystem.invalidSSOSessionObject(ssosessionkey)) {
				Map param = new HashMap();
				param.put("SSOUSERID", originaluserid);
				param.put("SSOSESSIONID", ssosessionid);
				String r = ServiceTool
						.send4service(serviceUrl, encoding, param);
				if (r.equals("0")) {
					UserManager manager = new UserManager();
					jt.classic.system.user.IUser user = manager.logcheck(
							ssouserid, ssouserpwd);
					manager.clean();
					if (user != null) {
						ISystem.createSSOSessionObject(request, ssosessionkey,
								user);
					} else {
						String ssoerror = filterConfig
								.getInitParameter("ssoerror");
						((HttpServletResponse) response)
								.sendRedirect((new StringBuilder(String
										.valueOf(context))).append(ssoerror)
										.toString());
					}
				} else {
					String ssoerror = filterConfig.getInitParameter("ssoerror");
					((HttpServletResponse) response)
							.sendRedirect((new StringBuilder(String
									.valueOf(context))).append(ssoerror)
									.toString());
				}
			} else {
				ISystem.resetSSOSessionObject(request, ssosessionkey);
			}
		} else {
			String ssosessionkey = StringTool.checkString(request
					.getParameter("SSOSESSIONKEY"));
			if (!ssosessionkey.equals("") && ISystem.invalidSesstion(request)) {
				ISystem.resetSSOSessionObject(request, ssosessionkey);
			} else if (ssosessionkey.equals("")
					&& ISystem.invalidSesstion(request)) {
				String ssoerror = filterConfig.getInitParameter("ssoerror");
				((HttpServletResponse) response)
						.sendRedirect((new StringBuilder(String
								.valueOf(context))).append(ssoerror).toString());
			} else {
				chain.doFilter(request, response);
				return;
			}
		}
		chain.doFilter(request, response);
	}

	public void init(FilterConfig arg0) throws ServletException {
		setFilterConfig(arg0);
	}
}
